| 000 | 04865nam a22001817a 4500 | ||
|---|---|---|---|
| 003 | NUST | ||
| 005 | 20260117150641.0 | ||
| 082 | _a005.8,RAS | ||
| 100 | _aRashid, Aqas _9132798 | ||
| 245 | _aAutonomous Security Services for Organizations Assisted by Blockchain and Cryptographic Protocols / _cAqas Rashid | ||
| 260 | _aRawalpindi, _bMCS (NUST), _cSeptember 2024 | ||
| 300 | _axiv, 119 p | ||
| 505 | _aSecurity services are essential for organizations, enterprises, and individuals to protect their network, data, resources, services, privileges, databases, cloud and web access, and administrative tasks. These services include encryption and authentication using the Public Key Infrastructure (PKI) mechanism, privacy using the Privilege Management Infrastructure (PMI) and Identity and Access Management (IdAM), Provenance using track and trace, and Integrity Assurance using end-to-end trustworthiness. These security services are the cornerstones for surviving in the modern digital world. Centralized enforcement mechanisms for security services are vulnerable to security attacks and issues that have been documented throughout history. The literature presents numerous blockchain-empowered security service mechanisms for PKI, PMI, IdAM, Provenance, and Integrity Assurance. However, the existing solutions in these security mechanisms, including their frameworks, architectures, designs, algorithms, and implementations, are thoroughly reviewed and critically analyzed. The conclusion drawn is that there is room for improvement in these areas to improve security through autonomous security services to enhance security operations. Autonomous security services enhance human capabilities, improve response times, and enhance overall security posture in an increasingly complex and dynamic threat landscape. This research aims to design autonomous security service mechanisms for PKI, PMI, IdAM, Provenance, and Integrity Assurance using blockchain and cryptographic protocols. The objective is to improve performance in terms of computational effort and security features, as compared to existing techniques. In the encryption and authentication security services part, the focus of this research is to propose a blockchain-based PKI mechanism within a privately trusted, managed, and publicly trusted PKI domain. The performance of the proposed designs is evaluated through proof of concept experiments and deployment to test the effectiveness of the proposed PKI mechanisms. Additionally, the quantitative results obtained are benchmarked against the corresponding results acquired from the existing techniques. The comparison results highlight the significance of the mechanism in terms of computational effort. Collectively, we referred to all the contributions of this dissertation in this domain as “PKI 3600.” In the privacy security services part, PMI mechanisms have been proposed for organizations and enterprises. The focus of this domain is to propose blockchain-based PMI mechanisms in the Privileges in PKI (PPKI), and Privileges in Functional PKI (PFPKI) in privately trusted, managed, and publicly trusted PMI domains. The validation of the proposed designs has been performed through proof of concept. The proposed mechanisms comply with the X.509 PMI standard and are efficient in terms of computational effort. We referred to all the contributions of this dissertation in this domain collectively as “PMI 3600.” In the privacy security services part, IdAM mechanisms have been proposed. The focus of the IdAM domain is to propose blockchain-based IdAM mechanisms in trans-organizational, intra-, and inter-domain environments, used both with and without bridging entities. The IdAM enforcement design considers identity, attribute, and role-based access control security policies. Simulation experiments and deployment are used to evaluate the performance of the proposed designs and test the effectiveness of the IdAM mechanisms. Additionally, the obtained quantitative results are compared to those of existing techniques to assess their significance in terms of computational effort. The results demonstrate that the proposed schemes outperform existing solutions. Collectively, we referred to all the contributions of this dissertation in this domain as “IdAM 3600.” In the provenance security services part, the mechanisms are presented for the contagious disease vaccination and immunity licenses. Within this domain, three protocols are defined to manage health licenses for contagious diseases. Performance evaluation is conducted through proof of concept experiments and deployment to test the effectiveness of proposed provenance mechanisms. | ||
| 650 | _aPhD Information Security Thesis _9132793 | ||
| 651 | _aPhD IS Thesis _9132794 | ||
| 700 | _aSupervised by Dr. Asif Masood _9132796 | ||
| 942 | _2ddc _cTHE | ||
| 999 | _c615837 _d615837 | ||